Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1091
Views
0
Helpful
6
Replies

ASA 3DES Key - Failed to retrieve permanent activation key. error

random32482474824
Level 1
Level 1

‎04-23-2022 12:01 PM

I have an ASA 5516-X and when I try to activate the 3DES key (that I just recently generated from the licensing portal), it instantly fails with the following error:

 

ASA-MAIN-01(config)# activation-key xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx (i redacted the key)
Validating activation key. This may take a few minutes...
Failed to retrieve permanent activation key.

 

At this point it hangs for a few minutes. How can I resolve this? Thanks.

0 Helpful
6 Replies 6

Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-23-2022 09:07 PM

When you input the serial number to obtain a 3ES key, use the value given in the "show version" output - that is the PCB (printed circuit board) serial number which is required for licensing purposes.

"show inventory" will return a different value - the chassis serial number.

0 Helpful

random32482474824
Level 1
Level 1
In response to Marvin Rhoads

‎04-24-2022 12:47 AM

Thanks for the reply. When I try that S/N I get the following error:

Serial number 'xxxxxxxxxxxxx' not found
Serial Number =xxxxxxxxxxxxxxx
We're sorry, but our systems do not show any data for the replacement serial number provided.
If you would like any assistance in the resolution of this issue, please open a service request online using the TAC Service Request Tool or open a case here.

Sincerely,
Cisco Systems Licensing

Open a Support Case
Call Technical Assistance Center
1-800-553-2447 or
1-408-523-7209 'option 3'.

 

I would open a case but I don't have smartnet anymore. I wouldn't think I need to pay for this since the license is free. 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to random32482474824

‎04-24-2022 04:00 AM

Smartnet is not required for the free 3DES-AES license.

Are you using this section of software.cisco.com to make the request?

ASA 3DES License.PNG

0 Helpful

random32482474824
Level 1
Level 1
In response to Marvin Rhoads

‎04-24-2022 12:25 PM - edited ‎04-24-2022 12:26 PM

Yes. After inputting my serial, that's where I get the error.

 
screenshot is attached.

 

Preview file
95 KB
0 Helpful

johnlloyd_13
Level 9
Level 9

‎04-23-2022 11:44 PM

hi,

i agree with marvin. just use the 'show version' serial number for ASA license feature.

also post a 'show version' output to see if it's already enabled.

0 Helpful

random32482474824
Level 1
Level 1
In response to johnlloyd_13

‎04-24-2022 12:51 AM

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 50 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Disabled perpetual
Security Contexts : 2 perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 4 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 100 perpetual
Total VPN Peers : 100 perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 320 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Disabled perpetual
VPN Load Balancing : Enabled perpetual

 

It's not enabled. I can only SSH with SSH 1, but if I try to use SSH 2 it fails. That's what I'm trying to accomplish. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card